A chat with a PS3 hacker who runs custom code on firmware 3.60

Yesterday, 2 videos uploaded to YouTube were receiving attention as they showcased a PS3 with firmware version 3.60 running custom code, specifically a File Manager “homebrew” app. Could it be that the supposedly re-secured PS3 (via firmware 3.60) is already susceptible to an exploit? It certainly seems as though that is the case, although many commenters were crying “fake” as the exploit details have not been divulged.

After viewing the videos, which showed the usage of the new 3.60 cloud storage feature as well as the execution of custom code, we were excited to find out more about this new PS3 exploit. After the 2 videos were taken down from the YouTube account named “ThatBoringHacker”, we reached out to the user via YouTube messaging to see if he would discuss the hack/exploit with us. We eventually received an invite to chat on an IRC channel.

Below is a collection of excerpts from that chat. And although there seems to be some contradictory statements and some toying with us, especially at the beginning, we still found it to be a fascinating discussion. Keep in mind that much of this cannot be confirmed, so take the information as you will.

[13:15] <MyCE> Many seem to be claiming that your 3.60 hack video is fake, is it legit?

[13:15] <ThatBoringHacker> yeah

[13:15] <ThatBoringHacker> they don’t like change is the thing

[13:15] <ThatBoringHacker> haha

01[13:16] <MyCE> Can you give us any details on the method you used to run homebrew on it?

01[13:16] <MyCE> homebrew / file manager

[13:16] <ThatBoringHacker> just install the package and run

[13:16] <ThatBoringHacker> rofl

[13:16] <ThatBoringHacker> thats it

01[13:16] <MyCE> right but you can’t just do that without circumventing their security somehow, right?

[13:17] <ThatBoringHacker> not at all, i just installed the 3.60 firmware

[13:17] <ThatBoringHacker> and it did something odd to my ps3

01[13:17] <MyCE> Was it a modified 3.60 firmware?

[13:17] <ThatBoringHacker> not at all

[13:17] <ThatBoringHacker> im looking deeper into what my console did

01[13:17] <MyCE> so you think it was a fluke?

01[13:18] <MyCE> or is it something that you did to your console before installing 3.6?

[13:18] <ThatBoringHacker> no clue what happened

[13:18] <ThatBoringHacker> my eid changed

[13:18] <ThatBoringHacker> and i could run homebrew, debug apps all out of the box

01[13:19] <MyCE> is the console in the vid a retail unit or debug ?

[13:19] <ThatBoringHacker> its a retail

[13:19] <ThatBoringHacker> which had that weird thing happen to it

01[13:20] <MyCE> so why are you scared of being sued by Sony and removing the videos if it is nothing custom that you did to make this happen?

[13:20] <ThatBoringHacker> the lawyers can turn what i say against me

[13:20] <ThatBoringHacker> and i do not have the money to defend myself

01[13:20] <MyCE> so you have no idea how to reproduce this for another console?

[13:20] <ThatBoringHacker> i think i know

[13:20] <ThatBoringHacker> but it’s a very insane process

[13:20] <ThatBoringHacker> it requires some necromancy if you will

01[13:20] <MyCE> can you give us any details on it?

[13:21] <ThatBoringHacker> i’d rather not say

01[13:21] <MyCE> You are “ThatBoringHacker” from YouTube right?

[13:21] <ThatBoringHacker> yeah

[13:21] <ThatBoringHacker> the reason why i had closed the winocm account

[13:21] <ThatBoringHacker> was really

[13:21] <ThatBoringHacker> an email issue

01[13:21] <MyCE> Are you worried that someone else reposted your video on YouTube after you took it down?

[13:22] <ThatBoringHacker> yeah, somewhat

[13:22] <ThatBoringHacker> another reason why i took it down

[13:22] <ThatBoringHacker> was the general negative response

[13:24] <ThatBoringHacker> you see, these hacks affect game developers, and their profit

[13:24] <ThatBoringHacker> people love to pirate, and that’s a huge chunk

[13:24] <ThatBoringHacker> of the population

[13:24] <ThatBoringHacker> im against that

[13:24] <ThatBoringHacker> im also against the people who modify their games for cheating on the online network platform

01[13:24] <MyCE> what about people that just want to do what they want with hardware they purchased?

01[13:24] <MyCE> for legitimate reasons

[13:24] <ThatBoringHacker> i am fine with that

01[13:24] <MyCE> like running custom apps/games or running Linux like they used to be able to do?

[13:24] <ThatBoringHacker> its just that there are too many people using it for the wrong thing

[13:25] <ThatBoringHacker> im fine with linux

[13:25] <ThatBoringHacker> hell i use otheros a lot

[13:25] <ThatBoringHacker> i downgrade my console to 3.15 a lot

[13:25] <ThatBoringHacker> just to use otheros

01[13:25] <MyCE> so if you’re fine with that why not release the details on your 3.60 exploit?